Control Google Workspace Logins with GAT Shield Login Control #
GAT Shield allows admins to set up a Login Control rule for users of their domain. By setting up this rule, admins can control whether users can log in to their domain or not.
It works by disabling users from logging into your domain based on different criteria.
This type of Login control can be set up from the GAT Shield console.
Create a Login Control Rule in GAT Shield #
1.Open the dashboard #
Navigate to GAT Shield → Configuration → Login Control
In the Login Control window, fill in the rule details
2. Select Location #
Select an area outside of which Shield devices can not log in to your domain. The user must get into the configured area in order to deactivate blocking.
3. Logout mode #
6. Scope #
7. Time restriction #
Select when the configuration should be active. By default, when no time restriction is added, the configuration will always be active. To change it, select days and time ranges when the configuration will be active.
8. Update #
When the rule settings are applied and users are selected, click on the Update button.
9. Result #
When the Login control is enabled, the rule is applied. The users will be logged out if the rule is applied to them. The logout will happen from Google logins only, from different services where users is logged in with their Google workspace account
- Gmail
- Google Drive
- Google classrooms
- Google calendars
- All Google domain account services
The users will see a message as below.
Log in to Google services has been blocked at this time.
FAQ’s: Login Control Rule #
Q: How can I restrict Google Workspace logins by IP or location using GAT Shield?
A: You can use GAT Shield’s Login Control rule to block users from logging into your domain unless they meet specific criteria, such as being within a geographic location or using an approved public IP. Admins can also configure logout timeouts and restrict access during certain hours.
Q: What happens when a GAT Shield login control rule is triggered?
A: When the rule is active and a user does not meet the login conditions (such as being outside the allowed IP range or time window), they will be automatically logged out of their Google Workspace account. This includes services like Gmail, Drive, Calendar, and Classroom.
Q: Can I apply GAT Shield login control rules to specific users or groups?
A: Yes. GAT Shield allows you to target login control rules by individual user, group, or organisational unit. This gives admins flexibility to apply different access policies across departments or user roles.
